Join 1SI Log in MENU

News You Need to Know


Date ArticleType
7/5/2017 Member News
When WannaCry-like Ransomwares Attack - For cybersecurity, the best defense is a good offense

(June 30, 2017) Lexington, Ky. – On Friday, May 12, a major cyberattack activated in Europe and quickly spread worldwide, targeting computers running the Microsoft Windows operating system. The ransomware, known as WannaCry or WannaCrypt, encrypted data on affected machines and then demanded ransom payments via Bitcoin. Within 24 hours, the “cryptoworm” was reported to have infected roughly a quarter-million computers in at least 150 different countries. Hit hard were large companies and government agencies, including FedEx, Britain’s National Health Service, and German railway Deutsche Bahn. In the early hours of the attack, cybersecurity experts warned of vast potential damage to individuals and businesses across the globe.

Jumping to Tuesday, June 27, another global cyberattack struck. This time “ground zero” appears to have been in Ukraine. Again, this malware was able to infect large companies such as Mondelez, advertising giant WPP, and FedEx. As with WannaCry, the phones quickly began ringing at the 24-hour help desk of managed I.T. services provider (MSP) NetGain Technologies shortly after news broke about the latest ransomware attack. Business owners, CEOs, and other executives at client companies who had been watching the news were becoming concerned about security of their data.

NetGain’s remote support engineers (RSEs) fielded dozens of questions about the implications of the WannaCry ransomware and the current global WannaCry-like malware attack. Could we be infected with these viruses and not know it? Is it safe to use our systems? What do we need to do to be protected?

Zack Wildman, director of operations at NetGain Technologies, briefed his team on providing a thorough response to companies that contract I.T. services from NetGain, and even spoke with several clients who called him directly. He was able to reassure them their data were secure. “I happily answered: Everything is okay! You are not infected, and all your systems are clean, ” Wildman recalls telling the callers. We’ve run reports and scans to confirm this. You have nothing to worry about, and may continue your work as usual .”

Wildman never worried about negative repercussions of either the WannaCry or the more current ransomware. “I never had a chance to worry. Our security team had already contacted me and informed me that NetGain and our clients were—and would remain—safe through this attack.

NetGain’s response to the cyberattacks contrasted heavily with the dire warnings of news media during the events. Major media sites were reporting about I.T. departments scrambling to detect threats or avert vulnerabilities. Because NetGain’s approach to technology management is proactive, it is prepared for the varied ransomware attacks that launch regularly but often receive less attention than WannaCry and its more recent variant. NetGain’s engineers constantly monitor and update client systems to maintain efficient use of resources and obviate crisis responses to imminent threats. The only direct response the family-owned and run managed I.T. services provider needed to make was to communicate the situation to clients. In addition to phone calls with individual clients, the MSP issued an overview of the WannaCry ransomware on its website that educated readers about the WannaCry virus, current virus, and pointed to additional resources. After the more recent virus, NetGain emailed clients and posted a list of 12 simple rules to avoid ransomware emails.

For WannaCry, Scott Logan, technical director of security at NetGain Technologies, provided a short post mortem of the attack: “Immediately upon the release of the Microsoft update MS17-010, our internal administrator started pushing the update on our systems, as well as updating our Sophos (antivirus) ,” Logan explained. The Microsoft update preceded the WannaCry attack by nearly two months, and NetGain proactively applied it. “When all NetGain systems were protected and safe for us to use to access our clients, the security team was safely able to start pushing this same update to them. Because of the quickness in our execution as a team in this defense, we are able to say that not one system, whether internally here at NetGain or at one of our clients, was encrypted.”

NetGain Technologies’ security team comprises eight technical security specialists focused on protecting client businesses from ransomware and other cyberattacks. The security team meets weekly to discuss the current threats and defense, as well as quarterly to review best practices for products, services, and direction to employ. The security team then reports its findings to the compliance team—made up of Logan and Wildman along with Jason Jacobson (CEO), Rick Ward (EVPFinance & Administration), Jason di Nardo (Internal Technology Administrator), Kevin Smith (Client Sales Coordinator), and Robin Fischer (Engineering Manager)—which ensures NetGain remains aligned with strict compliance requirements to maintain the security of internal and client information and assets.

Discovery of a hidden “kill switch” in the coding of WannaCry made this ransomware obsolete after four or five days. This week’s virus—along with hundreds of other cyberattacks released daily—do not have a similar kill switch. Coders continually modify their viruses to better target individuals and businesses—doctors trying to enter patient stats and medications into their medical records, bank tellers accessing client accounts, even the schools carrying your kids’ test scores and personal information. NetGain Technologies advises clients and the public to be vigilant about proactive technology management to eliminate risks of being a victim of cybercrime.


NetGain Technologies developed into one of the world’s top managed IT services providers by creating solutions for business problems. The company has served small businesses in the region since 1984 from its Lexington, Ky., headquarters, and has branch offices in Birmingham, Ala.; Chattanooga, Tenn.; St. Louis, Mo.; Little Rock, Ark.; Louisville, Ky.; and Cincinnati, Ohio.

An industry-leading, secure network operations center staffed by more than 85 technicians and engineers—with more than 250 combined technical certifications—forms the core of Technology OneSource, the company’s award-winning managed IT services package for small and midsize businesses. NetGain Technologies is SOC 2-certified, enabling the company to deliver a best-in-class service while maintaining confidentiality, privacy, processing integrity, availability, and security.